From 57bf7bfaa52ba2a2d9be1fa94a21b4d6ddd3163c Mon Sep 17 00:00:00 2001
From: Rod Roark <rod@sunsetsystems.com>
Date: Tue, 14 Dec 2010 12:30:09 -0800
Subject: [PATCH] Added patient search filter option to search by a service
 provided.

---
 custom/search.php                        | 67 ++++++++++++++++++++------------
 interface/main/finder/patient_select.php | 24 ++++++++++--
 interface/main/left_nav.php              | 18 ++++++---
 library/patient.inc                      | 27 +++++++++++--
 4 files changed, 98 insertions(+), 38 deletions(-)

diff --git a/custom/search.php b/custom/search.php
index 8c9f9a4d4..cf38ee08d 100644
--- a/custom/search.php
+++ b/custom/search.php
@@ -14,11 +14,10 @@ $sanitize_all_escapes=true;
 $fake_register_globals=false;
 //
 
-include_once("../interface/globals.php");
-require_once("../library/sql.inc");
-
+require_once("../interface/globals.php");
+require_once("$srcdir/sql.inc");
 ?>
-
+<html>
 <head>
   <link rel="stylesheet" href="<?php echo $css_header;?>" type="text/css">
 <style type="text/css">
@@ -29,7 +28,7 @@ require_once("../library/sql.inc");
   background: #94D6E7;
  }
 </style>
-  <script language="javascript">
+<script language="javascript">
 	function doSelectorButton() {
 		var selector = document.getElementById('selectorButton');
 		var value;
@@ -54,6 +53,7 @@ require_once("../library/sql.inc");
 		// buildup fieldstring
 		var checkBoxes = document.getElementsByName( "searchFields" );
 		var fieldString = '';
+    var ssc = document.forms[0].search_service_code.value;
 		for (i = 0; i < checkBoxes.length; i++) {
 			if ( checkBoxes[i].checked ) {
 				if ( fieldString != '' ) {
@@ -62,19 +62,21 @@ require_once("../library/sql.inc");
 				fieldString += checkBoxes[i].value;
 			}
 		}
-	    if ( opener != null ) {
-			if ( fieldString == '' || fieldString == undefined ) {
+		if ( opener != null ) {
+			if (fieldString == undefined || (fieldString == '' && ssc.length == '')) {
 				alert("<?php echo htmlspecialchars( xl('You must select some fields to continue.'), ENT_QUOTES); ?>");
 				return false;
 			}
-			opener.processFilter( fieldString );
-        }
+			opener.processFilter(fieldString, ssc);
+		}
 	}
 
-  </script>
+</script>
 </head>
 
 <body>
+<form>
+
 	<table>
 	  <tr>
 		<td>
@@ -91,40 +93,55 @@ require_once("../library/sql.inc");
 
 	<?php
     function echoFilterItem($iter, $fieldId, $fieldTitle) {
-			if ( $iter == 0 || ($iter % 3 == 0) ) {
+			if ($iter % 3 == 0) {
 				if ( $iter > 0 ) {
-					echo "</tr>";
+					echo "</tr>\n";
 				}
-				echo "<tr>";
+				echo "<tr>\n";
 			}
 			echo "<td>";
 			echo "<input type='checkbox' value='".htmlspecialchars( ${fieldId}, ENT_QUOTES)."' name='searchFields'/> <b>".htmlspecialchars( $fieldTitle, ENT_NOQUOTES)."</b>";
-			echo "</td>";
+			echo "</td>\n";
     }
 
 		$layoutCols = sqlStatement( "SELECT field_id, title, description, group_name "
       . "FROM layout_options "
       . "WHERE form_id='DEM' "
-      . "AND group_name not like ('%Employer%' ) AND uor !=0 "
+      . "AND group_name not like ('%Employer%' ) AND uor != 0 "
       . "ORDER BY group_name,seq"
 		);
 
 		echo "<table>";
 
 		for($iter=0; $row=sqlFetchArray($layoutCols); $iter++) {
-		    $label = $row['title'] ? $row['title'] : $row['description'];
-		    if ( !$label ) {
-		        $label = $row['field_id'];
-		    }
-            echoFilterItem(
-                $iter,
-                $row['field_id'],
-                xl_layout_label($label)
-            );
+			$label = $row['title'] ? $row['title'] : $row['description'];
+			if ( !$label ) {
+				$label = $row['field_id'];
+			}
+			echoFilterItem(
+				$iter,
+				$row['field_id'],
+				xl_layout_label($label)
+			);
 		}
-    echoFilterItem($iter, 'pid', xl('Internal Identifier (pid)'));
+    echoFilterItem($iter++, 'pid', xl('Internal Identifier (pid)'));
+
+		// Finish the row gracefully.
+		while ($iter++ % 3) echo "<td>&nbsp;</td>\n";
+		echo "</tr>\n";
+
+		// Write a final line to solicit an optional service code.
+		echo "<tr>\n";
+		echo "<td colspan='3'>";
+		echo "<input type='text' value='' name='search_service_code' size='8' /> " .
+			"<b>" . xl('Service Code') . "</b> (" .
+			htmlspecialchars(xl('if entered, select only those who have had this service')) . ")";
+		echo "</td>\n";
+		echo "</tr>\n";
 
 		echo "</table>";
 	?>
 
+</form>
 </body>
+</html>
diff --git a/interface/main/finder/patient_select.php b/interface/main/finder/patient_select.php
index c2bf9d8be..f68037752 100644
--- a/interface/main/finder/patient_select.php
+++ b/interface/main/finder/patient_select.php
@@ -12,9 +12,9 @@ $sanitize_all_escapes=true;
 $fake_register_globals=false;
 //
 
-include_once("../../globals.php");
-include_once("$srcdir/patient.inc");
-include_once("$srcdir/formdata.inc.php");
+require_once("../../globals.php");
+require_once("$srcdir/patient.inc");
+require_once("$srcdir/formdata.inc.php");
 
 $fstart = $_REQUEST['fstart'] + 0;
 $popup  = empty($_REQUEST['popup']) ? 0 : 1;
@@ -119,6 +119,10 @@ $sqllimit = $MAXSHOW;
 $given = "*, DATE_FORMAT(DOB,'%m/%d/%Y') as DOB_TS";
 $orderby = "lname ASC, fname ASC";
 
+$search_service_code = strip_escape_custom(trim($_POST['search_service_code']));
+echo "<input type='hidden' name='search_service_code' value='" .
+  htmlentities($search_service_code) . "' />\n";
+
 if ($popup) {
   echo "<input type='hidden' name='popup' value='1' />\n";
 
@@ -151,6 +155,17 @@ if ($popup) {
     }
   }
 
+  // If a non-empty service code was given, then restrict to patients who
+  // have been provided that service.  Since the code is used in a LIKE
+  // clause, % and _ wildcards are supported.
+  if ($search_service_code) $where .=
+    " AND ( SELECT COUNT(*) FROM billing AS b WHERE " .
+    "b.pid = patient_data.pid AND " .
+    "b.activity = 1 AND " .
+    "b.code_type != 'COPAY' AND " .
+    "b.code LIKE '" . add_escape_custom($search_service_code) . "' " .
+    ") > 0";
+
   $sql = "SELECT $given FROM patient_data " .
     "WHERE $where ORDER BY $orderby LIMIT $fstart, $sqllimit";
   $rez = sqlStatement($sql,$sqlBindArray);
@@ -179,7 +194,8 @@ else {
   else if ($findBy == "Any")
       $result = getByPatientDemographics("$patient", $given, $orderby, $sqllimit, $fstart);
   else if ($findBy == "Filter") {
-      $result = getByPatientDemographicsFilter($searchFields, "$patient", $given, $orderby, $sqllimit, $fstart);
+    $result = getByPatientDemographicsFilter($searchFields, "$patient",
+      $given, $orderby, $sqllimit, $fstart, $search_service_code);
   }
 }
 ?>
diff --git a/interface/main/left_nav.php b/interface/main/left_nav.php
index f0ff7d193..28d1ee654 100644
--- a/interface/main/left_nav.php
+++ b/interface/main/left_nav.php
@@ -466,19 +466,24 @@ function goHome() {
     top.frames['RBot'].location='messages/messages.php';
 }
 
- //
+ // Reference to the search.php window.
  var my_window;
+
+ // Open the search.php window.
  function initFilter() {
     my_window = window.open("../../custom/search.php", "mywindow","status=1");
  }
 
- function processFilter( fieldString ) {
-    document.getElementById('searchFields').value=fieldString;
-    findPatient( "Filter" );
-        my_window.close();
+ // This is called by the search.php (Filter) window.
+ function processFilter(fieldString, serviceCode) {
+  var f = document.forms[0];
+  document.getElementById('searchFields').value = fieldString;
+  f.search_service_code.value = serviceCode;
+  findPatient("Filter");
+  f.search_service_code.value = '';
+  my_window.close();
  }
 
-
  // Process the click to find a patient by name, id, ssn or dob.
  function findPatient(findby) {
   var f = document.forms[0];
@@ -1224,6 +1229,7 @@ if (!empty($reg)) {
 
 <input type='hidden' name='findBy' value='Last' />
 <input type="hidden" name="searchFields" id="searchFields"/>
+<input type="hidden" name="search_service_code" value='' />
 
 </form>
 
diff --git a/library/patient.inc b/library/patient.inc
index e970cdeba..3901f25c2 100644
--- a/library/patient.inc
+++ b/library/patient.inc
@@ -4,7 +4,7 @@
 // as published by the Free Software Foundation; either version 2
 // of the License, or (at your option) any later version.
 
-include_once("{$GLOBALS['srcdir']}/sql.inc");
+require_once("{$GLOBALS['srcdir']}/sql.inc");
 require_once(dirname(__FILE__) . "/classes/WSWrapper.class.php");
 require_once("{$GLOBALS['srcdir']}/formdata.inc.php");
 
@@ -439,13 +439,16 @@ function getByPatientDemographics($searchTerm = "%", $given = "pid, id, lname, f
   return $returnval;
 }
 
-function getByPatientDemographicsFilter($searchFields, $searchTerm = "%", $given = "pid, id, lname, fname, mname, providerID, DATE_FORMAT(DOB,'%m/%d/%Y') as DOB_TS", $orderby = "lname ASC, fname ASC", $limit="all", $start="0" )
+function getByPatientDemographicsFilter($searchFields, $searchTerm = "%",
+  $given = "pid, id, lname, fname, mname, providerID, DATE_FORMAT(DOB,'%m/%d/%Y') as DOB_TS",
+  $orderby = "lname ASC, fname ASC", $limit="all", $start="0", $search_service_code='')
 {
 	$layoutCols = split( '~', $searchFields );
   $sqlBindArray = array();
   $where = "";
   $i = 0;
-  foreach ($layoutCols as $val ) {
+  foreach ($layoutCols as $val) {
+    if (empty($val)) continue;
 		if ( $i > 0 ) {
 		   $where .= " or ";
 		}
@@ -459,6 +462,24 @@ function getByPatientDemographicsFilter($searchFields, $searchTerm = "%", $given
     }
 		$i++;
 	}
+
+  // If no search terms, ensure valid syntax.
+  if ($i == 0) $where = "1 = 1";
+
+  // If a non-empty service code was given, then restrict to patients who
+  // have been provided that service.  Since the code is used in a LIKE
+  // clause, % and _ wildcards are supported.
+  if ($search_service_code) {
+    $where = "( $where ) AND " .
+      "( SELECT COUNT(*) FROM billing AS b WHERE " .
+      "b.pid = patient_data.pid AND " .
+      "b.activity = 1 AND " .
+      "b.code_type != 'COPAY' AND " .
+      "b.code LIKE ? " .
+      ") > 0";
+    array_push($sqlBindArray, $search_service_code);
+  }
+
   $sql = "SELECT $given FROM patient_data WHERE $where ORDER BY $orderby";
   if ($limit != "all") $sql .= " limit $start, $limit";
   $rez = sqlStatement($sql, $sqlBindArray);
-- 
2.11.4.GIT